Dustin C. Hatch
0d30e54fd5
Normal users do not need shell access to the file server, and certainly should not be allowed to e.g. forward ports through it. Using a `Match` block, we can apply restrictions to users who do not need administrative functionality. In this case, we restrict everyone who is not a member of the *Server Admins* group in the PYROCUFFLINK AD domain.
5 lines
81 B
YAML
5 lines
81 B
YAML
file_shares: []
|
|
samba_use_smbd: true
|
|
|
|
fileserver_sftp_only_match: 'User !root,*'
|